Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
File: 6FEF4E442DE011EA853E2328C4F9AE02.roa (raw, json)
Hash identifier: DFd44NVaQA+x66nUaHpjv0bFRfAs6N1m0gvI9clk+zE=
Subject key identifier: AC:EF:E3:38:F8:22:04:79:FC:48:3E:ED:78:CE:92:BE:19:C9:8F:A6
Certificate issuer: /CN=A9186214/serialNumber=3FB18D89FAF3188DCE590F7C489077961F82A957
Certificate serial: 2951
Authority key identifier: 3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:12:26 +0000
ROA not before: Tue 30 Jan 2024 16:12:26 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 24203
IP address blocks: 140.213.3.0/24 maxlen: 24
140.213.4.0/24 maxlen: 24
140.213.5.0/24 maxlen: 24
140.213.6.0/24 maxlen: 24
140.213.7.0/24 maxlen: 24
140.213.9.0/24 maxlen: 24
140.213.10.0/24 maxlen: 24
140.213.12.0/24 maxlen: 24
140.213.14.0/24 maxlen: 24
140.213.16.0/24 maxlen: 24
140.213.19.0/24 maxlen: 24
140.213.20.0/24 maxlen: 24
140.213.23.0/24 maxlen: 24
140.213.29.0/24 maxlen: 24
140.213.32.0/24 maxlen: 24
140.213.33.0/24 maxlen: 24
140.213.35.0/24 maxlen: 24
140.213.36.0/24 maxlen: 24
140.213.38.0/24 maxlen: 24
140.213.39.0/24 maxlen: 24
140.213.42.0/24 maxlen: 24
140.213.47.0/24 maxlen: 24
140.213.50.0/24 maxlen: 24
140.213.51.0/24 maxlen: 24
140.213.53.0/24 maxlen: 24
140.213.56.0/24 maxlen: 24
140.213.58.0/24 maxlen: 24
140.213.62.0/24 maxlen: 24
140.213.72.0/24 maxlen: 24
140.213.75.0/24 maxlen: 24
140.213.88.0/24 maxlen: 24
140.213.114.0/24 maxlen: 24
140.213.138.0/24 maxlen: 24
140.213.139.0/24 maxlen: 24
140.213.142.0/24 maxlen: 24
140.213.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.crl
rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 May 2024 15:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10577 (0x2951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=3FB18D89FAF3188DCE590F7C489077961F82A957
Validity
Not Before: Jan 30 16:12:26 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b91fea-ea5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:d3:52:57:aa:61:92:be:02:6c:44:2e:57:
89:07:ec:f5:26:45:d6:76:74:3e:4b:b4:65:3a:90:
e0:0a:be:47:71:ae:49:e6:26:11:fc:bd:93:12:3d:
32:90:cd:61:35:56:03:9c:2b:7e:23:02:e4:33:5b:
d0:4f:7b:6c:82:70:86:26:44:87:4b:ec:b5:c4:e0:
65:f7:2b:49:fd:c8:e6:45:c7:bd:b4:d5:fe:9d:e0:
e2:d1:f5:f9:3f:a4:3b:c2:91:07:29:7b:20:b0:2e:
48:28:e8:c9:c9:0b:c4:de:a3:14:de:1c:f9:a5:ed:
c6:d4:a0:ef:10:85:72:c3:e5:8a:f9:6c:95:f9:fd:
9a:ad:11:ea:69:25:88:9f:de:6c:52:3b:88:8a:b4:
2c:e7:52:84:05:2f:08:30:ff:2d:a9:ff:e0:4f:5a:
ee:a5:16:47:fd:48:2a:ba:29:2d:32:51:11:2d:a7:
20:48:ac:63:3a:b6:e8:b8:13:b6:66:eb:59:f0:05:
a0:10:4c:cb:7a:7d:45:94:98:79:3a:11:49:20:96:
12:11:ce:80:62:ac:01:69:d6:d7:16:a8:81:37:e5:
8d:52:8d:75:3a:cb:11:7b:62:08:70:5e:e7:ee:8b:
67:a5:ec:ea:36:cc:b0:a0:56:57:a0:99:97:c5:d5:
44:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:EF:E3:38:F8:22:04:79:FC:48:3E:ED:78:CE:92:BE:19:C9:8F:A6
X509v3 Authority Key Identifier:
keyid:3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
140.213.3.0-140.213.7.255
140.213.9.0-140.213.10.255
140.213.12.0/24
140.213.14.0/24
140.213.16.0/24
140.213.19.0-140.213.20.255
140.213.23.0/24
140.213.29.0/24
140.213.32.0/23
140.213.35.0-140.213.36.255
140.213.38.0/23
140.213.42.0/24
140.213.47.0/24
140.213.50.0/23
140.213.53.0/24
140.213.56.0/24
140.213.58.0/24
140.213.62.0/24
140.213.72.0/24
140.213.75.0/24
140.213.88.0/24
140.213.114.0/24
140.213.138.0/23
140.213.142.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:14:bc:1b:9e:10:67:8b:96:19:67:a1:87:1f:82:83:09:60:
f8:13:dc:3f:a6:60:fa:d6:22:86:30:a9:32:ca:9e:e6:c2:95:
9c:75:86:02:cb:90:d9:9f:63:a0:b8:96:d2:be:54:31:61:c1:
f9:91:da:29:66:d6:be:77:ee:db:8c:45:4c:78:53:0e:98:40:
26:da:af:14:03:ff:bd:53:8f:21:24:61:00:53:02:b6:92:18:
2e:35:ab:c8:46:d1:98:34:b0:41:f6:4c:d5:44:4a:bf:e7:ac:
ef:df:d9:d8:86:48:bd:35:3e:e7:11:1d:b7:34:4c:80:14:3e:
2b:b9:dd:8e:01:2a:dc:c3:2d:c7:59:1c:00:ed:59:a1:fa:5f:
23:e5:6f:87:4a:0e:77:cb:ff:eb:d0:aa:01:1c:7e:89:2d:4c:
19:d1:cd:8f:70:e7:3a:99:cf:f9:c8:68:d2:5c:58:2f:96:37:
b2:85:45:8c:1c:ce:8d:d3:7d:83:a4:3a:71:95:1d:ec:01:68:
f5:29:34:6b:b9:cb:67:85:16:bc:68:46:6b:40:3f:1f:e0:af:
62:16:d0:cb:48:9a:5f:30:38:27:ff:ac:5d:11:c1:cc:ad:ca:
55:08:60:17:44:82:54:b6:bb:10:13:1d:ca:ee:59:d3:0f:ae:
38:79:6f:4e
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgICKVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKDNGQjE4RDg5RkFGMzE4OERDRTU5MEY3QzQ4OTA3Nzk2
MUY4MkE5NTcwHhcNMjQwMTMwMTYxMjI2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MWZlYS1lYTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwXjTUleqYZK+AmxELleJB+z1JkXWdnQ+S7RlOpDgCr5Hca5J5iYR/L2TEj0y
kM1hNVYDnCt+IwLkM1vQT3tsgnCGJkSHS+y1xOBl9ytJ/cjmRce9tNX+neDi0fX5
P6Q7wpEHKXsgsC5IKOjJyQvE3qMU3hz5pe3G1KDvEIVyw+WK+WyV+f2arRHqaSWI
n95sUjuIirQs51KEBS8IMP8tqf/gT1rupRZH/UgquiktMlERLacgSKxjOrbouBO2
ZutZ8AWgEEzLen1FlJh5OhFJIJYSEc6AYqwBadbXFqiBN+WNUo11OssRe2IIcF7n
7otnpezqNsywoFZXoJmXxdVEyQIDAQABo4IDRDCCA0AwHQYDVR0OBBYEFKzv4zj4
IgR5/Eg+7XjOkr4ZyY+mMB8GA1UdIwQYMBaAFD+xjYn68xiNzlkPfEiQd5YfgqlX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9CN0Y4MTk1ODMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi9QN0dOaWZyekdJM09XUTk4U0pCM2xoLUNx
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3R05pZnJ6R0kzT1dROThTSkIzbGgtQ3FWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQjdGODE5NTgzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkZFRjRFNDQy
REUwMTFFQTg1M0UyMzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc0GCCsGAQUFBwEHAQH/
BIG9MIG6MIG3BAIAATCBsDAMAwQAjNUDAwQDjNUAMAwDBACM1QkDBACM1QoDBACM
1QwDBACM1Q4DBACM1RAwDAMEAIzVEwMEAIzVFAMEAIzVFwMEAIzVHQMEAYzVIDAM
AwQAjNUjAwQAjNUkAwQBjNUmAwQAjNUqAwQAjNUvAwQBjNUyAwQAjNU1AwQAjNU4
AwQAjNU6AwQAjNU+AwQAjNVIAwQAjNVLAwQAjNVYAwQAjNVyAwQBjNWKAwQBjNWO
MA0GCSqGSIb3DQEBCwUAA4IBAQB6FLwbnhBni5YZZ6GHH4KDCWD4E9w/pmD61iKG
MKkyyp7mwpWcdYYCy5DZn2OguJbSvlQxYcH5kdopZta+d+7bjEVMeFMOmEAm2q8U
A/+9U48hJGEAUwK2khguNavIRtGYNLBB9kzVREq/56zv39nYhki9NT7nER23NEyA
FD4rud2OASrcwy3HWRwA7Vmh+l8j5W+HSg53y//r0KoBHH6JLUwZ0c2PcOc6mc/5
yGjSXFgvljeyhUWMHM6N032DpDpxlR3sAWj1KTRructnhRa8aEZrQD8f4K9iFtDL
SJpfMDgn/6xdEcHMrcpVCGAXRIJUtrsQEx3K7lnTD644eW9O
-----END CERTIFICATE-----
Generated at Mon May 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org